multimedia.mailing.mattressomni.ca

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 69.16.175.10, located in United States and belongs to HIGHWINDS3, US. The main domain is multimedia.mailing.mattressomni.ca.
TLS certificate: Issued by R3 on February 8th 2022. Valid for: 3 months.

This is the only time multimedia.mailing.mattressomni.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	69.16.175.10 69.16.175.10		20446 (HIGHWINDS3) (HIGHWINDS3)
4	1

4 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

multimedia.mailing.mattressomni.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	mattressomni.ca multimedia.mailing.mattressomni.ca	134 KB
4	1

	Domain	Requested by
4	multimedia.mailing.mattressomni.ca	multimedia.mailing.mattressomni.ca
4	1

This site contains no links.

Subject Issuer	Validity	Valid
mailing.mattressomni.ca R3	`2022-02-08` - `2022-05-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif]
Frame ID: 697CBA495DE2CCA92BB1BAF45D8FD39D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

134 kB
Transfer

366 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif] Show response
multimedia.mailing.mattressomni.ca/furniture-B/photos/ 666 B
575 B 165ms
112ms Document
text/html 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 6e87d965a4054b7fd0c26b1c6f2cda5be10d3552911c770b0c762f64730d2d3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Mon, 28 Feb 2022 15:58:14 GMT
accept-ranges: bytes
cache-control: max-age=60
content-encoding: gzip
content-length: 433
content-type: text/html
x-hw: 1646063894.dop192.dc2.t,1646063894.cds095.dc2.hn,1646063894.cds004.dc2.p

GET
H2 200 ruxitagentjs_ICA27QVfgjqrux_10233220201140653.js Show response
multimedia.mailing.mattressomni.ca/ 324 KB
118 KB 27ms
27ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://multimedia.mailing.mattressomni.ca/ruxitagentjs_ICA27QVfgjqrux_10233220201140653.js

Requested by

Host: multimedia.mailing.mattressomni.ca
URL: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif]

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

tlb.hwcdn.net

Software

/

Resource Hash

8c7d4f66c98e3e921cb998465fd385b6532e61d92f55127222c2a7ec9b191ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif]
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 15:58:14 GMT
content-encoding: gzip
x-unique-id: 978B1591:3FFA_68A04040:01BB_620B4C88_397A:1459
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
etag: "1267599700"
x-frame-options: DENY
x-hw: 1646063894.dop192.dc2.t,1646063894.cds095.dc2.hn,1646063894.cds069.dc2.c
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-security-policy-report-only: default-src 'self'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://index-log.getresponse.com/index/marketing_csp?source=multimedia-gr
content-length: 120524
x-content-type-options: nosniff

GET
H2 200 ruxitagentjs_D_10233220201140653.js
multimedia.mailing.mattressomni.ca/ 41 KB
15 KB 27ms
26ms Other
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://multimedia.mailing.mattressomni.ca/ruxitagentjs_D_10233220201140653.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

tlb.hwcdn.net

Software

/

Resource Hash

5a578578185cd30857a489c69d08c60945079396fcb8936c05749870ac5559d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif]
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 15:58:14 GMT
content-encoding: gzip
x-unique-id: 978B1585:F876_68A04040:01BB_6203C355_ABC36D:9A6A
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
etag: "1267599700"
x-frame-options: DENY
x-hw: 1646063894.dop192.dc2.t,1646063894.cds095.dc2.hn,1646063894.cds057.dc2.c
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-security-policy-report-only: default-src 'self'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://index-log.getresponse.com/index/marketing_csp?source=multimedia-gr
content-length: 15266
x-content-type-options: nosniff

POST
H2 200 rb_bf70638ctp Show response
multimedia.mailing.mattressomni.ca/ 146 B
442 B 67ms
66ms XHR
text/plain 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://multimedia.mailing.mattressomni.ca/rb_bf70638ctp?type=js3&sn=v_4_srv_-2D73_sn_D2K41DP8193F472JTI126QFKRPB1P7AF&svrid=-73&flavor=post&vi=OQTKPCIHLMKFTPIPPJRCBIULIWHROFRR-0&modifiedSince=1645534523112&rf=https%3A%2F%2Fmultimedia.mailing.mattressomni.ca%2Ffurniture-B%2Fphotos%2Fe25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif%5D&bp=3&app=ea7c4b59f27d43eb&crc=2297152980&en=rd0m6seg&end=1

Requested by

Host: multimedia.mailing.mattressomni.ca
URL: https://multimedia.mailing.mattressomni.ca/ruxitagentjs_ICA27QVfgjqrux_10233220201140653.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

tlb.hwcdn.net

Software

/

Resource Hash

a57b3e85ac7485385543d7768d62a1f500a5d409adc9f6db9c788cda9b55c591

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif]
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 28 Feb 2022 15:58:15 GMT
x-unique-id: 978B1583:594A_68A04040:01BB_621CF117_2229C0A:18C2
x-frame-options: DENY
x-hw: 1646063895.dop192.dc2.t,1646063895.cds095.dc2.hn,1646063895.cds055.dc2.sc,1646063895.cds055.dc2.p
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy-report-only: default-src 'self'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://index-log.getresponse.com/index/marketing_csp?source=multimedia-gr
content-length: 146
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| dT_ object| dtrum

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mattressomni.ca/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D73_sn_D2K41DP8193F472JTI126QFKRPB1P7AF
.mattressomni.ca/	1970-01-20 18:45:35	Name: rxVisitor Value: 164606389435994CT9O6I8008OO57P6MQE469CFE00FC5
.mattressomni.ca/	1969-12-31 23:59:59	Name: dtLatC Value: 27
.mattressomni.ca/	1969-12-31 23:59:59	Name: dtSa Value: -
.mattressomni.ca/	1969-12-31 23:59:59	Name: rxvt Value: 1646065694380\|1646063894361
.mattressomni.ca/	1969-12-31 23:59:59	Name: dtPC Value: -73$263894356_284h-vOQTKPCIHLMKFTPIPPJRCBIULIWHROFRR-0e0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif] Message: Failed to load resource: the server responded with a status of 404 ()
worker	error	URL: https://multimedia.mailing.mattressomni.ca/furniture-B/photos/e25c2aa1-eb02-45bd-9525-1dc2acbbdf66.gif] Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

multimedia.mailing.mattressomni.ca
69.16.175.10
5a578578185cd30857a489c69d08c60945079396fcb8936c05749870ac5559d0
6e87d965a4054b7fd0c26b1c6f2cda5be10d3552911c770b0c762f64730d2d3a
8c7d4f66c98e3e921cb998465fd385b6532e61d92f55127222c2a7ec9b191ff4
a57b3e85ac7485385543d7768d62a1f500a5d409adc9f6db9c788cda9b55c591

multimedia.mailing.mattressomni.ca Open in urlscan Pro 69.16.175.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

134 kBTransfer

366 kBSize

6 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

multimedia.mailing.mattressomni.ca Open in urlscan Pro
69.16.175.10 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

134 kB
Transfer

366 kB
Size

6
Cookies

4 HTTP transactions
0 data transactions